-
Committer:
Bazaar Package Importer
-
Author(s):
Kees Cook
-
Date:
2008-03-24 14:26:07 UTC
-
Revision ID:
james.westby@ubuntu.com-20080324142607-dyrldvma4po85gka
Tags: 1:1.0.5-1ubuntu2.2
* SECURITY UPDATE: mailboxes of other users could be read via symlinks.
* Add upstream-mail-group-fixes.dpatch: upstream fixes (CVE-2008-1199).
* Add upstream-invalid-password-fixes.dpatch: proactive upstream fixes
to avoid future issues in underlying passdb (CVE-2008-1218).
* References
http://dovecot.org/list/dovecot-news/2008-March/000060.html
http://dovecot.org/list/dovecot-news/2008-March/000064.html